Announcement

**Biosaiyan** · 08-17-2012, 04:49:40 PM

if you type in kh2fm codebreaker codes txt you will get a link to 4shared and i used them on a codebreaker v10 iso on pcsx2 and most of them worked and some didn't

**lee4** · 08-17-2012, 05:51:38 PM

its best for you to create new thread about problem with KH2fm and ESR

**RoboHobo** · 09-03-2012, 04:08:30 AM

CodeBreaker

Is there any codebrreaker 9.2 that actually work

**lee4** · 09-03-2012, 06:59:47 PM

what kind problems you have?

also post which ps2 model you have?

**Pyriel** · 12-28-2012, 02:35:23 PM

The next time somebody's applying patches to one of these things, you might want to take a look at a problem with the 5 code type. Pelican grouped it with 2 & 4 when they activate and massage the codes, which results in code type 5 being forced to 32-bit alignment, even though it doesn't require it.

For reference, here's the code relevant to the cheat activation.

Code:

RAM:00102DBC loc_102DBC:
RAM:00102DBC                 lui     $v0, 0xFFFF
RAM:00102DC0                 addiu   $s0, 4
RAM:00102DC4                 li      $v0, 0xFFFFFFFC  # Word-alignment, address mask
RAM:00102DC8                 addiu   $s4, 1
RAM:00102DCC                 and     $v0, $a1, $v0    # And command and address with 0xFFFFFFFC
RAM:00102DD0                 li      $v1, 2
RAM:00102DD4                 sw      $v0, 0($s1)      # Result in active cheat array
RAM:00102DD8                 addiu   $s1, 4
RAM:00102DDC                 lw      $v0, 0($s0)      # Load second word of code
RAM:00102DE0                 addiu   $s0, 4
RAM:00102DE4                 sw      $v0, 0($s1)      # Store second word of code
RAM:00102DE8                 beq     $a2, $v1, loc_103180  # Go to next code if Code Type = 2
RAM:00102DEC                 addiu   $s1, 4
RAM:00102DF0                 lw      $v0, 0($s0)      # Copy the third and fourth words for type 4 & 5.
RAM:00102DF4                 addiu   $s4, 1
RAM:00102DF8                 addiu   $s0, 4
RAM:00102DFC                 addiu   $s5, 1           # Also increment active code count
RAM:00102E00                 sw      $v0, 0($s1)
RAM:00102E04                 addiu   $s1, 4
RAM:00102E08                 lw      $v0, 0($s0)
RAM:00102E0C                 b       loc_103050
RAM:00102E10                 addiu   $s0, 4

The jump-table for the switch statement.

Code:

RAM:00517930 JTbl_CodeActivate:.word loc_102D24       # DATA XREF: RAM:00102D10o
RAM:00517934                 .word loc_102D6C
RAM:00517938                 .word loc_102DBC         # Type 2
RAM:0051793C                 .word loc_102E14
RAM:00517940                 .word loc_102DBC         # Type 4
RAM:00517944                 .word loc_102DBC         # Type 5
RAM:00517948                 .word loc_102EC4
RAM:0051794C                 .word loc_102F8C
RAM:00517950                 .word loc_102D6C
RAM:00517954                 .word loc_102FCC
RAM:00517958                 .word loc_102D94
RAM:0051795C                 .word loc_102D24
RAM:00517960                 .word loc_102D24
RAM:00517964                 .word loc_102FF8
RAM:00517968                 .word loc_10305C
RAM:0051796C                 .word loc_1030F4

And the relevant section of the cheat engine.

Code:

RAM:00080194                 lw      $a2, 8($t2)
RAM:00080198
RAM:00080198 loc_80198:                               # CODE XREF: sub_80008+1A4j
RAM:00080198                 nop
RAM:0008019C                 lb      $a3, 0($a0)
RAM:000801A0                 sb      $a3, 0($a2)
RAM:000801A4                 addiu   $a0, 1
RAM:000801A8                 addiu   $a1, 0xFFFF
RAM:000801AC                 bgtz    $a1, loc_80198
RAM:000801B0                 addiu   $a2, 1

All from version 9.0 of the CodeBreaker device. It isn't exactly critical, but it wouldn't be difficult to fix if you're already in there applying patches to the ELF.

**bfoos** · 12-29-2012, 07:05:20 AM

I'll have a look at it later. Or I can simply supply an unpacked "GH" ELF if someone else would like to have at it.

On second thought... I don't really have the time nor desire to fix it.

**bfoos** · 12-31-2012, 08:42:51 PM

K so the only tool I have to analyze the ELF is PS2dis, I really don't feel like tracking down IDA Pro to do this, so if someone else would be so kind as to fix code type 5, I would appreciate it. Or just tell me what bits at which offsets need patching and old vs new hex goodness as I am unlikely to use anything more than a hex editor on this ELF. I'll apply a patch if provided and provide credit in the readme or even the scroller in the app if you want. I could even put bfoos is a lazy cock sucker in there. Otherwise, code type 5 shall forever remain 32-bit aligned. I've done enough work on the day1 shit to merit someone else fixing this imo. I'm by no means fluent in MIPS assembly, I believe I could do this if I were motivated enough, but alas, I am ZzzzzzZZzzzzzzZZzzzz. Oh shit, I just fell asleep.

**Pyriel** · 01-01-2013, 03:08:27 PM

Settle down, dude. It was just a suggestion for an improvement. Fixing it doesn't even really solve much, because you still have to work around the bug if you want the codes to work for everybody, and code type 5 only gets used once in a blue moon. I figured if you guys needed to edit the server configuration again, or something, it might be worth tossing in.

That said, I think I managed to download the unpacked ELF you posted before you deleted it. I can at least provide information for a patch. Realistically, you could just change 0xFFFC to 0xFFFF in the mask, and let people slam into exceptions if they foolishly try to use 2 & 4 with improper addresses.

**bfoos** · 01-01-2013, 03:24:40 PM

Yeah, I'm not doing it bro. Even if the server info changes again at some point, that can be done with nothing more than ps2-unpacker and a hexeditor. Anyway, it is what it is.

Perhaps a better approach would be to fully document the mishandling of that code type and change the description at the very least on CMP, to provide the workaround that you learned of and fgwcheater stumbled upon during his testing and observations. Patching it in this ELF would be fine and dandy and I wouldn't mind it being done for completeness' sake, but it would only benefit a very select few users.

Happy New Year, bro!

**JaceRin10** · 05-15-2013, 10:05:21 PM

can i ask for a walkthrough/guide of this so that i can modify a codebreaker V.10 of mine?

**bfoos** · 05-19-2013, 10:21:25 AM

Sorry but I was never able to unpack CB v9.3 or v10. Otherwise, I would've released modified versions of them as well.

**Pyriel** · 05-19-2013, 11:31:03 PM

There's not a lot of point in that. After 7.1, the minor versions were mostly code list updates, and maybe a minor bug-fix, if they were feeling generous. The only important difference between 9.x and 10.x is supposedly a patch feature for IOP modules that they never deigned to actually use. I suppose if you could crack the thing open, remove the signature check that they almost surely would have required for IOP files, and develop a module that it can interoperate with, you'd have something. That assumes the feature is actually there, and it wasn't just a story CMX spread about. And if you could do all that with version 10, you'd just as well slap a new module into the image on any old version.

**bfoos** · 05-22-2013, 07:27:47 PM

I still would've modified them for the hell of it.

**Linktopower** · 06-06-2013, 01:22:07 PM

Man this is pretty sweet, I didn't even know that modified code breaker existed.
Now I can finally mess around with my ESR backups with cheats. :P

Thanks for the modified Code breaker elf, it really works quite nicely.

**CyKoDeLiC** · 01-21-2014, 08:11:02 AM

Hi there, sorry for digging out such an old thread. But I cannot get this elf to work. When I try to boot it up via FMCB or via File Manager, it just gives me a black screen, no signal detected on my TV. The PS2 stays on. It is an 39000 linked up trough RGB on an LG 3D TV.

Any idea?

Announcement

Codebreaker v9.2 Patched to Load ELF Files Instead of Discs (PS2)

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment